Eric Hansen
Guest
In this day and age everyone is mobile. Go to any one place and you’ll see people on their phones, laptops or tablets. When you’re a sysadmin and you’re on the go, there is no telling when you will need to jump in through SSH and perform some voodoo wizardry to get your clients happy again.
Think of this scenario. You connect to a server in a different DC to perform some maintenance. Of course you have to intervene every so often so you can’t just run it through a one-liner and expect perfection. But, while in the middle of running the maintenance routine you get a call where you have to up and leave your current place to solve an issue at another DC.
Another example would be public WiFi. When I’m at McDonald’s, for example, my WiFi session is terminated after x hours or y GB of data used. The fix is simple (just reconnect) but SSH sessions would hang then terminate. When doing important work or fixes this isn’t always pleasant.
With SSH these are a nightmare as you would either have to wait for the maintenance to finish or risk causing major issues. Sure there’s screen which can solve this to a degree, but it doesn’t maintain the connection itself, so it’s only marginally useful for these times. What I’ve found is a great resource called Mosh.
Mosh is an SSH-based client and server that was developed by people at MIT to persist connections across reconnects. The way this works is through a newly developed protocol called Style Synchronization Protocol. While this uses UDP, the protocol sends a heartbeat and incremental sequence to maintain connection state, and encrypts the packets using AES-128 CBC. While I’d prefer it to be at least AES-256, it’s also a relatively new solution.
While the connectivity portion is its main selling point for me, it also provides true UTF-8 support and works with SSH config files (i.e.: ~/.ssh/config). While it’s not a drop-in solution it is definitely a viable and useful one.
Installing
While most distros have Mosh in their main repos now, Ubuntu is a little different. For 14.04 (Trusty Tahr) there wasn’t a release for it yet in the PPA, so I had to edit the /etc/apt/sources.list.d/keithw-mosh-trusty.list to change “trusty” to “saucy”. It worked just as well though.
Installing in Ubuntu can be this simple though:
Code:
$ sudo apt-get install python-software-properties
$ sudo add-apt-repository ppa:keithw/mosh
$ sudo apt-get update
$ sudo apt-get install mosh
Setting The Server Up
Luckily there’s nothing to really do. Any config options are passed through the mosh command itself.
Connecting To Non-22 Port
It’s common practice for SSH to not be listening on port 22 or 0.0.0.0. These can be passed via mosh:
Code:
mosh --ssh="ssh -p <port #>" user@example.tld
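Of course this can work just as well if you have a Host setting in your SSH config:
Code:
Host example.tld
    User user
    HostName example.tld
    Port <port #>
    IdentityFile ~/.ssh/id_rsa
Taking that for example we can connect via Mosh like this:
Code:
mosh example.tld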
Server Issues
If you have problems connecting, the most likely cause is the UDP port range 60000-61000.
If you want to restrict access to these ports and make it similar to SSH (connect to port 1234 instead of 61000) you just need to pass the "-p" switch to mosh itself (e.g.: mosh -p 1234 example.tld).
Lastly, since Mosh can be installed anywhere, any normal user can run mosh-server as well. If you installed it on a per-user basis, then specify the server path. If it was installed to /home/ehansen/.apps/mosh/mosh-server then you would send it:
Code:
mosh --server=/home/ehansen/.apps/mosh/mosh-server example.tld
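You can pass more options to the server as well, such as which UDP port or interface to listen on.
Conclusion
This won’t be a useful option for everyone. But there have been numerous times where this would have saved me a lot of headache.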
Be aware though that Mosh is basically a different protocol in itself, so you can’t use it with just any SSH client. There are apps though for Android (and probably iOS) that you can use as well. The main one I use for Android is JuiceSSH (sorry iOS users, I don’t use the platform…).
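For the Server Issues section above, it helps to know which UDP ports mosh-server is really listening on before deciding what the firewall should allow. The added example below (not part of the original post) reads lines in the layout of `ss -H -ulpn` and reports every mosh-server listener whose port falls outside an allowed range; the function name, the sample lines and the assumed column order are illustrative.

```shell
#!/bin/sh
# Added example: audit mosh-server UDP listeners against an allowed port range.
# Assumed input layout (as printed by `ss -H -ulpn`):
#   State Recv-Q Send-Q Local:Port Peer:Port Process

# Constructed sample lines, not captured from a real host.
SAMPLE='UNCONN 0 0 0.0.0.0:60001 0.0.0.0:* users:(("mosh-server",pid=2114,fd=4))
UNCONN 0 0 0.0.0.0:1234 0.0.0.0:* users:(("mosh-server",pid=2290,fd=4))
UNCONN 0 0 127.0.0.53:53 0.0.0.0:* users:(("systemd-resolve",pid=611,fd=12))
UNCONN 0 0 [::]:61000 [::]:* users:(("mosh-server",pid=2301,fd=4))'

# mosh_ports_outside LOW HIGH   (hypothetical helper; reads ss-style lines on stdin)
# Prints "port pid" for each mosh-server listener whose port is not in LOW..HIGH.
mosh_ports_outside() {
    awk -v lo="$1" -v hi="$2" '
        /"mosh-server"/ {
            # The port is whatever follows the last colon, so [::]:61000 works too.
            n = split($4, a, ":")
            port = a[n] + 0
            pid = "?"
            if (match($0, /pid=[0-9]+/))
                pid = substr($0, RSTART + 4, RLENGTH - 4)
            if (port < lo || port > hi)
                print port, pid
        }'
}

# Demo on the constructed sample: the firewall only allows the default range,
# so the session pinned with "-p 1234" is the one that would be blocked.
printf '%s\n' "$SAMPLE" | mosh_ports_outside 60000 61000

# On a live server (needs privileges to see other users' processes):
#   ss -H -ulpn | mosh_ports_outside 60000 61000
```

Any port it prints is a mosh-server session that a firewall limited to the given range would not let clients reach, together with the PID to look up the owning user.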